Everyone thinks HIPAA protects personal health data. It doesn’t.
The most valuable data collected and sold by US “data brokers” is sensitive personal health information.
US “data brokers” capture sensitive health information by tracking our searches, social media, phone apps and GPS data. The majority of US healthcare institutions, health-related state and federal government agencies, and health technology vendors are also “data brokers”.
HIPAA gave millions of hidden institutions, healthcare providers, and technology vendors the right to control, use, and sell our medical records, prescriptions, lab tests, claims data, and more. HIPAA gave them the right to be “data brokers”.
If the President’s Consumer Privacy Bill of Rights (CPBOR) were the law of the land AND were also applied to the healthcare system, patients, not “data brokers”, could control who collects and uses health data.
The CPBOR’s strong new rights to control the use of personal data could end the use of data for discrimination in every area of life, including jobs, credit, mortgages, and opportunities.
The EU got it right: no government agency or corporation in the EU can collect, use, or sell personal data without permission.
This blog was written in response to the following article: Senators call for consumer privacy protections